Tuts 4 You

D1N's Blog


DobReXor (Work in Progress)

D1N


I plan on releasing more information related to this project in the next couple of weeks. I started developing DobReXor back in mid-December. It's made a lot of progress and I've managed to port the code over to Linux. The application is supported on both Windows and Linux.

It was a tough decision for me because I wanted to make my first cryptographic project unique, but I also wanted to focus on two topics of interest to me, obfuscation being one of them and malware being the other, and how they can be used together, or, for lack of a better word, cryptovirology, but not in terms of what we have seen in the past. This is different. Like I said, I was shooting for something creative and unique. Possibly something that can be used in presentations.

We hear a lot about software being exploited and protocol vulnerabilities being discovered, which in turn eventually improves the quality and usability of the product or service. This tool was designed to be an attack tool for the purpose of researching weaknesses in anti-virus software. The goal is to improve anti-virus software.

The issue here is that most (not all - there are some exceptions) modern anti-virus vendors are not prepared to deal with strong cryptography and secure key management used in conjunction with malicious software. It's simple to use heuristics, signatures, and emulation to detect a file and define it as being malicious. However, adding secure key management and self-decrypting files, where parts of the secure key can be split up and stored somewhere until decryption, at which point each part is reconstructed so that the file decryption can take place, makes detection very difficult, and not just from an anti-virus standpoint but from a forensic standpoint as well.

This tool may also serve as a good example for people with questions about obfuscating character sequences. I've seen this topic come up a lot in the past, so hopefully my work can be used as an example.

I'm open to anyone who would like to join me and improve this tool.

I will be posting updates soon. The project will be open source.

Thank you for all the support! - D1N

dobrexor757.png

Usage example

usage351.png

Examples of obfuscated strings based on different user input

dobrexor-strings474.png
